hrw 0.2.3 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/exe/hrw +4 -4
- data/lib/hrw/formatter.rb +80 -10
- data/lib/hrw/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8cabda6b327c8534533ce19127ad8ef171b1aa98daafb12d1123285e4c100eef
|
4
|
+
data.tar.gz: 3727dab2676b9412906cfe9606dbd8bb4f77e1ef63d56e2e3ec2b30108927d03
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 363c6d96c9ea9822f7dd05dd9f577c4e800418150cee5338889080ff9336aa7973fc12856c5967b379855804adceb90377cd644b8ff42676bcfa556d94b36e9b
|
7
|
+
data.tar.gz: f12bc6139b20c57cd485e13bb3298407c881c6162aaaddc2f7e95b3ad206487518f7047a49bd5e21d2203e5d1c62468c1b449468a55afc65b69f67b776f6bf91
|
data/Gemfile.lock
CHANGED
data/exe/hrw
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
require 'ostruct'
|
3
3
|
require 'optparse'
|
4
|
+
|
4
5
|
require 'hrw'
|
5
6
|
|
6
7
|
ARGV << '--help' if ARGV.empty?
|
@@ -31,9 +32,8 @@ hash = api.submit(specs, scanner.package_manager)
|
|
31
32
|
result = api.retrieve(hash)
|
32
33
|
|
33
34
|
formatter = Hrw::Formatter.new
|
34
|
-
|
35
|
-
|
36
|
-
unless vulnerable_deps.empty?
|
37
|
-
formatter.print_vulnerable_deps(vulnerable_deps)
|
35
|
+
if formatter.pretty_print(result)
|
38
36
|
exit(1)
|
37
|
+
else
|
38
|
+
exit(0)
|
39
39
|
end
|
data/lib/hrw/formatter.rb
CHANGED
@@ -14,15 +14,22 @@ module Hrw
|
|
14
14
|
# Format result and pretty print it
|
15
15
|
#
|
16
16
|
class Formatter
|
17
|
-
#
|
17
|
+
# Class constructor
|
18
|
+
#
|
19
|
+
def initialize
|
20
|
+
@count = 0
|
21
|
+
end
|
22
|
+
|
23
|
+
# Filter result
|
18
24
|
#
|
19
25
|
# @param [Hash] result scan result
|
20
|
-
# @return [
|
21
|
-
def
|
26
|
+
# @return [Array] vulnerable or not
|
27
|
+
def filter(result)
|
22
28
|
deps = []
|
23
29
|
|
24
30
|
result['ancestry']['layers'].each do |layer|
|
25
31
|
layer['detected_features'].each do |feature|
|
32
|
+
@count += 1
|
26
33
|
deps << feature if feature.key?('vulnerabilities')
|
27
34
|
end
|
28
35
|
end
|
@@ -32,20 +39,83 @@ module Hrw
|
|
32
39
|
|
33
40
|
# Pretty print result
|
34
41
|
#
|
35
|
-
|
42
|
+
# @param [Hash] result scan result
|
43
|
+
# @return [Boolean] true if has vulnerability
|
44
|
+
def pretty_print(result)
|
45
|
+
high = medium = low = unknown = 0
|
46
|
+
|
47
|
+
puts
|
48
|
+
puts("scanning #{Dir.pwd} ...".foreground(:aliceblue))
|
49
|
+
puts
|
50
|
+
|
51
|
+
deps = filter(result)
|
36
52
|
deps.each do |dep|
|
37
53
|
dep['vulnerabilities'].each do |vuln|
|
38
54
|
patched_version = JSON.parse(vuln['fixed_by'])
|
39
55
|
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
56
|
+
case vuln['severity']
|
57
|
+
when 'Defcon1', 'Critical', 'High'
|
58
|
+
color = :red
|
59
|
+
high += 1
|
60
|
+
when 'Medium'
|
61
|
+
color = :yellow
|
62
|
+
medium += 1
|
63
|
+
when 'Unknown'
|
64
|
+
color = :magenta
|
65
|
+
unknown += 1
|
66
|
+
else
|
67
|
+
color = :aliceblue
|
68
|
+
low += 1
|
69
|
+
end
|
70
|
+
|
71
|
+
pkg = "#{dep['name']}@#{dep['version']}"
|
72
|
+
puts "✗ #{vuln['severity']} severity vulnerability found in #{pkg.underline.bright}".foreground(color)
|
73
|
+
puts 'Name:'
|
74
|
+
puts " #{vuln['name']}"
|
75
|
+
puts
|
76
|
+
puts 'Description:'
|
77
|
+
puts vuln['description'].gsub(/^/, ' ')
|
78
|
+
puts
|
79
|
+
puts 'Severity:'
|
80
|
+
puts " #{vuln['severity']}"
|
81
|
+
puts
|
82
|
+
puts 'Link:'
|
83
|
+
puts " #{vuln['link']}"
|
84
|
+
puts
|
85
|
+
puts 'Patched version:'
|
86
|
+
puts " #{patched_version['spec'].join(', ')}"
|
87
|
+
puts
|
46
88
|
puts
|
47
89
|
end
|
48
90
|
end
|
91
|
+
|
92
|
+
puts "Tested #{@count} dependencies for known vulnerabilities".foreground(:aliceblue)
|
93
|
+
puts
|
94
|
+
|
95
|
+
if deps.empty?
|
96
|
+
puts '✓ no vulnerabilities found.'.foreground(:green)
|
97
|
+
puts
|
98
|
+
|
99
|
+
false
|
100
|
+
else
|
101
|
+
puts "✗ found #{high + medium + low + unknown} vulnerabilities:".foreground(:red)
|
102
|
+
puts
|
103
|
+
|
104
|
+
color = high > 0 ? :red : :aliceblue
|
105
|
+
puts " high: #{high}".foreground(color)
|
106
|
+
|
107
|
+
color = medium > 0 ? :yellow : :aliceblue
|
108
|
+
puts " medium: #{medium}".foreground(color)
|
109
|
+
|
110
|
+
puts " low: #{low}".foreground(:aliceblue)
|
111
|
+
|
112
|
+
color = unknown > 0 ? :magenta : :aliceblue
|
113
|
+
puts " unknown: #{unknown}".foreground(color)
|
114
|
+
|
115
|
+
puts
|
116
|
+
|
117
|
+
true
|
118
|
+
end
|
49
119
|
end
|
50
120
|
end
|
51
121
|
end
|
data/lib/hrw/version.rb
CHANGED